Ransomware Attack Hits Critical Infrastructure Vendor PSI Software
Germany-based critical infrastructure software and logistics platforms vendor, PSI Software, has been hit by a devastating ransomware attack, forcing the company to shut down its systems as a precautionary measure. The attack was initially detected on Thursday, and as of now, PSI Software remains offline, operating at diminished capacity.
The attack targeted PSI’s internal IT infrastructure, prompting the company to disconnect all external connections and systems in response. Additionally, the company’s website is currently offline, except for a brief statement regarding the incident.
According to PSI’s latest update on Monday, they are actively investigating the attack’s exact vector and potential impact. However, there are currently no indications that PSI systems at customer sites have been compromised. The company has also clarified that there was no unauthorized access to remote connections for the maintenance of customer systems.
PSI Software specializes in providing control systems for critical infrastructure sectors such as energy control, operational management, network utilization, pipeline management, and leak detection. Notably, PSI has a subsidiary in the U.S. and collaborates with major enterprise vendors including IBM, Microsoft, Oracle, and SAP.
Following the discovery of unusual activity on its network on Feb. 15, PSI Software took immediate action, including shutting down its email system. While email correspondence remains offline, the company has engaged with German authorities and external cybersecurity experts for assistance and guidance.
This attack against PSI Software underscores the growing threat landscape faced by critical infrastructure providers. With malicious actors increasingly targeting such organizations, there is a heightened concern about potential disruptions and the security of vital systems.
Federal cyber officials have issued warnings about state-linked threat actors, particularly from China, actively seeking to infiltrate critical infrastructure systems. These intrusions, spanning transportation, energy, communications, and water sectors, pose significant risks, with some incidents dating back to 2019.
As the investigation into the ransomware attack on PSI Software continues, stakeholders are closely monitoring developments and assessing the broader implications for critical infrastructure security.